<?php
require_once "classes/aes.class.php";
require_once "classes/aesctr.class.php";

$password = "0ad96580eac3147832161386c40adcbe";
$salt = "C5l9j28OxxVMgKoFCki9B3lTUupP9dmMrRnayLwLo593";

if(empty($_POST["cipher"])) {
	$cipher = $_GET["cipher"];
}
else {
	$cipher = $_POST["cipher"];
}

$decryptedstring = AesCtr::decrypt($cipher, $password, 256);

if($decryptedstring == $salt) {
	function createFolder($folder) {
		if(!is_dir($folder)) {
			mkdir($folder,0755,true);
			$fh = fopen("log", "a+");
			fwrite($fh, "folder created: ".date("m-d-y H:i:s")." ".$folder."\r\n");
			fclose($fh);
		}
	}
	
	if(!empty($_GET["folder"])) {
		createFolder(urldecode($_GET["folder"]));
	}
	
	if(!empty($_POST)) {
		$filename = $_POST["sendtodir"].urldecode($_FILES["file"]["name"]);
		
		$fh = fopen("log", "a+");
		if(file_exists($filename)) {
			if($_POST["overwrite"]) {
				fwrite($fh, "file uploaded: ".date("m-d-y H:i:s")." ".$filename."\r\n");
				move_uploaded_file($_FILES["file"]["tmp_name"], $filename);
			}
			else {
				fwrite($fh, "file not overwritten: ".date("m-d-y H:i:s")." ".$filename."\r\n");
			}
		}
		else {
			fwrite($fh, "file uploaded: ".date("m-d-y H:i:s")." ".$filename."\r\n");
			move_uploaded_file($_FILES["file"]["tmp_name"], $filename);
		}
		fclose($fh);
	}
}
